The “revelations” about the National Security Agency’s monitoring program of phone systems and Internet companies certainly have captured Washington’s attention. You cannot go 30 minutes without a new angle on the story — whether it be about who knew what when, what will happen to confessed leaker Edward Snowden or whether additional surveillance programs are under way. And then, of course, there is the whole debate over whether what the NSA and the rest of the U.S. government is doing is legal, much less constitutional.

This will not be a story that goes away anytime soon. Snowden’s saga has just begun, as has the inevitable slew of hearings and briefings on Capitol Hill. NSA employees are assuredly about to endure many endless nights preparing testimony and responses to congressional inquiries. If they were able to accept Starbucks gift cards, I’m sure they would take them.

What is also a near certainty is that despite a flurry of legislation about to be introduced trying to limit information-collection activities, nothing will pass in the near future. For the time being, the interests of Congress don’t favor the passage of comprehensive surveillance reform legislation including the PATRIOT Act or the Foreign Intelligence Surveillance Act. Initial polls seem to show some comfort level with what the NSA (and presumably other agencies) is doing, and so for now there is not too much pressure on Congress to act.

Part of the collective shrug at the NSA revelations likely relates to the Boston Marathon bombings putting terrorism back on the front burner. But does the public reaction and the relative restraint being shown in Congress mean that our security efforts are in the clear? Sadly, no, and that’s because this situation could easily and negatively affect cybersecurity.

While nothing is likely to happen that would restrict “traditional” surveillance, the executive branch is still going full steam ahead on its executive order on cybersecurity, and numerous members of Congress are drafting and pushing cybersecurity legislation. Those are the efforts that could suffer the collateral fallout of the NSA scandal.

If you think about it for a moment, the biggest concerns with cybersecurity action by the federal government have revolved around how much it should be doing, and what privacy protections should be required. These concerns are not easy to address, and part of the problem is that these difficult issues have thus far hindered meaningful legislation. The authors of the Cyber Intelligence Sharing and Protection Act know that all too well as that legislation continues to be stalled by privacy concerns.

Privacy questions revolve around issues like whether a computer user’s personal information will need to be “minimized” when shared with the government. Moreover, some complain that despite amendments to CISPA that put the departments of Homeland Security and Justice in the lead with respect to cyber-information sharing, at the end of the day, our friends at the NSA could still truly be in charge of the process. Throw in the fact that companies would face minimal liability for “sharing” with the government, you can guess where this is going post-Snowden.

And it isn’t just CISPA that we have to worry about here. It is the whole cybersecurity enterprise. All the questions that are being raised about the NSA monitoring situation can translate almost directly into the government’s cybersecurity efforts. If those questions and worries come to dominate the debate, then the NSA situation will be transformed from an interesting sideshow to one that truly has devastating effects on our national security.

I say that because, simply put, we are under cyberattack every single day. Not just one, not just hundreds, but tens if not hundreds of thousands of cyberattacks each day. The losses from those attacks, even without a “Cyber Sept. 11,” approach catastrophic levels. Billions of dollars in intellectual property is being stolen annually, and each day reveals a new insidious cyberthreat. Congress has to be in a position to act, whether by strengthening government defenses or incentivizing the private sector to do more. No one is advocating by any means giving the government unfettered access to personal information in the name of cybersecurity, but at the same time, the danger is there that those outraged by the NSA situation will push too far and slow too dramatically our cybersecurity efforts. If that happens, then Snowden will have caused far more damage than he could ever have realized.

Brian Finch is a partner at Dickstein Shapiro and an adjunct professor at The George Washington University Law School. He can be followed on Twitter at @BrianEFinch.